1 /* $NetBSD: if_pppoe.c,v 1.158 2020/11/25 10:42:35 yamaguchi Exp $ */ 2 3 /* 4 * Copyright (c) 2002, 2008 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Martin Husemann <martin@NetBSD.org>. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 __KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.158 2020/11/25 10:42:35 yamaguchi Exp $"); 34 35 #ifdef _KERNEL_OPT 36 #include "pppoe.h" 37 #include "opt_pppoe.h" 38 #include "opt_net_mpsafe.h" 39 #endif 40 41 #include <sys/param.h> 42 #include <sys/systm.h> 43 #include <sys/kernel.h> 44 #include <sys/atomic.h> 45 #include <sys/callout.h> 46 #include <sys/malloc.h> 47 #include <sys/mbuf.h> 48 #include <sys/socket.h> 49 #include <sys/proc.h> 50 #include <sys/ioctl.h> 51 #include <sys/kauth.h> 52 #include <sys/intr.h> 53 #include <sys/socketvar.h> 54 #include <sys/device.h> 55 #include <sys/module.h> 56 #include <sys/sysctl.h> 57 #include <sys/rwlock.h> 58 #include <sys/mutex.h> 59 #include <sys/psref.h> 60 #include <sys/cprng.h> 61 #include <sys/workqueue.h> 62 63 #include <net/if.h> 64 #include <net/if_types.h> 65 #include <net/if_ether.h> 66 #include <net/if_sppp.h> 67 #include <net/if_spppvar.h> 68 #include <net/if_pppoe.h> 69 #include <net/if_dl.h> 70 71 #include <net/bpf.h> 72 73 #include "ioconf.h" 74 75 #ifdef NET_MPSAFE 76 #define PPPOE_MPSAFE 1 77 #endif 78 79 struct pppoehdr { 80 uint8_t vertype; 81 uint8_t code; 82 uint16_t session; 83 uint16_t plen; 84 } __packed; 85 86 struct pppoetag { 87 uint16_t tag; 88 uint16_t len; 89 } __packed; 90 91 #define PPPOE_HEADERLEN sizeof(struct pppoehdr) 92 #define PPPOE_OVERHEAD (PPPOE_HEADERLEN + 2) 93 #define PPPOE_VERTYPE 0x11 /* VER=1, TYPE = 1 */ 94 95 #define PPPOE_TAG_EOL 0x0000 /* end of list */ 96 #define PPPOE_TAG_SNAME 0x0101 /* service name */ 97 #define PPPOE_TAG_ACNAME 0x0102 /* access concentrator name */ 98 #define PPPOE_TAG_HUNIQUE 0x0103 /* host unique */ 99 #define PPPOE_TAG_ACCOOKIE 0x0104 /* AC cookie */ 100 #define PPPOE_TAG_VENDOR 0x0105 /* vendor specific */ 101 #define PPPOE_TAG_RELAYSID 0x0110 /* relay session id */ 102 #define PPPOE_TAG_MAX_PAYLOAD 0x0120 /* max payload */ 103 #define PPPOE_TAG_SNAME_ERR 0x0201 /* service name error */ 104 #define PPPOE_TAG_ACSYS_ERR 0x0202 /* AC system error */ 105 #define PPPOE_TAG_GENERIC_ERR 0x0203 /* generic error */ 106 107 #define PPPOE_CODE_PADI 0x09 /* Active Discovery Initiation */ 108 #define PPPOE_CODE_PADO 0x07 /* Active Discovery Offer */ 109 #define PPPOE_CODE_PADR 0x19 /* Active Discovery Request */ 110 #define PPPOE_CODE_PADS 0x65 /* Active Discovery Session confirmation */ 111 #define PPPOE_CODE_PADT 0xA7 /* Active Discovery Terminate */ 112 113 /* two byte PPP protocol discriminator, then IP data */ 114 #define PPPOE_MAXMTU (ETHERMTU - PPPOE_OVERHEAD) 115 116 /* Add a 16 bit unsigned value to a buffer pointed to by PTR */ 117 #define PPPOE_ADD_16(PTR, VAL) \ 118 *(PTR)++ = (VAL) / 256; \ 119 *(PTR)++ = (VAL) % 256 120 121 /* Add a complete PPPoE header to the buffer pointed to by PTR */ 122 #define PPPOE_ADD_HEADER(PTR, CODE, SESS, LEN) \ 123 *(PTR)++ = PPPOE_VERTYPE; \ 124 *(PTR)++ = (CODE); \ 125 PPPOE_ADD_16(PTR, SESS); \ 126 PPPOE_ADD_16(PTR, LEN) 127 128 #define PPPOE_DISC_TIMEOUT (hz*5) /* base for quick timeout calculation */ 129 #define PPPOE_SLOW_RETRY (hz*60) /* persistent retry interval */ 130 #define PPPOE_RECON_FAST (hz*15) /* first retry after auth failure */ 131 #define PPPOE_RECON_IMMEDIATE (hz/10) /* "no delay" reconnect */ 132 #define PPPOE_DISC_MAXPADI 4 /* retry PADI four times (quickly) */ 133 #define PPPOE_DISC_MAXPADR 2 /* retry PADR twice */ 134 135 #ifdef PPPOE_SERVER 136 /* from if_spppsubr.c */ 137 #define IFF_PASSIVE IFF_LINK0 /* wait passively for connection */ 138 #endif 139 140 #define PPPOE_LOCK(_sc, _op) rw_enter(&(_sc)->sc_lock, (_op)) 141 #define PPPOE_UNLOCK(_sc) rw_exit(&(_sc)->sc_lock) 142 #define PPPOE_WLOCKED(_sc) rw_write_held(&(_sc)->sc_lock) 143 144 #ifdef PPPOE_MPSAFE 145 #define DECLARE_SPLNET_VARIABLE 146 #define ACQUIRE_SPLNET() do { } while (0) 147 #define RELEASE_SPLNET() do { } while (0) 148 #else 149 #define DECLARE_SPLNET_VARIABLE int __s 150 #define ACQUIRE_SPLNET() do { \ 151 __s = splnet(); \ 152 } while (0) 153 #define RELEASE_SPLNET() do { \ 154 splx(__s); \ 155 } while (0) 156 #endif 157 158 #ifdef PPPOE_DEBUG 159 #define DPRINTF(_sc, _fmt, _arg...) pppoe_printf((_sc), (_fmt), ##_arg) 160 #else 161 #define DPRINTF(_sc, _fmt, _arg...) __nothing 162 #endif 163 164 struct pppoe_softc { 165 struct sppp sc_sppp; /* contains a struct ifnet as first element */ 166 LIST_ENTRY(pppoe_softc) sc_list; 167 struct ifnet *sc_eth_if; /* ethernet interface we are using */ 168 169 uint64_t sc_id; /* id of this softc, our hunique */ 170 int sc_state; /* discovery phase or session connected */ 171 struct ether_addr sc_dest; /* hardware address of concentrator */ 172 uint16_t sc_session; /* PPPoE session id */ 173 174 char *sc_service_name; /* if != NULL: requested name of service */ 175 char *sc_concentrator_name; /* if != NULL: requested concentrator id */ 176 uint8_t *sc_ac_cookie; /* content of AC cookie we must echo back */ 177 size_t sc_ac_cookie_len; /* length of cookie data */ 178 uint8_t *sc_relay_sid; /* content of relay SID we must echo back */ 179 size_t sc_relay_sid_len; /* length of relay SID data */ 180 #ifdef PPPOE_SERVER 181 uint8_t *sc_hunique; /* content of host unique we must echo back */ 182 size_t sc_hunique_len; /* length of host unique */ 183 #endif 184 callout_t sc_timeout; /* timeout while not in session state */ 185 struct workqueue *sc_timeout_wq; /* workqueue for timeout */ 186 struct work sc_timeout_wk; 187 u_int sc_timeout_scheduled; 188 int sc_padi_retried; /* number of PADI retries already done */ 189 int sc_padr_retried; /* number of PADR retries already done */ 190 krwlock_t sc_lock; /* lock of sc_state, sc_session, and sc_eth_if */ 191 }; 192 193 /* incoming traffic will be queued here */ 194 struct ifqueue ppoediscinq = { .ifq_maxlen = IFQ_MAXLEN }; 195 struct ifqueue ppoeinq = { .ifq_maxlen = IFQ_MAXLEN }; 196 197 void *pppoe_softintr = NULL; 198 static void pppoe_softintr_handler(void *); 199 200 extern int sppp_ioctl(struct ifnet *, unsigned long, void *); 201 202 /* input routines */ 203 static void pppoeintr(void); 204 static void pppoe_disc_input(struct mbuf *); 205 static void pppoe_dispatch_disc_pkt(struct mbuf *, int); 206 static void pppoe_data_input(struct mbuf *); 207 static void pppoe_enqueue(struct ifqueue *, struct mbuf *); 208 209 /* management routines */ 210 static int pppoe_connect(struct pppoe_softc *); 211 static int pppoe_disconnect(struct pppoe_softc *); 212 static void pppoe_abort_connect(struct pppoe_softc *); 213 static int pppoe_ioctl(struct ifnet *, unsigned long, void *); 214 static void pppoe_tls(struct sppp *); 215 static void pppoe_tlf(struct sppp *); 216 static void pppoe_start(struct ifnet *); 217 #ifdef PPPOE_MPSAFE 218 static int pppoe_transmit(struct ifnet *, struct mbuf *); 219 #endif 220 static void pppoe_clear_softc(struct pppoe_softc *, const char *); 221 static void pppoe_printf(struct pppoe_softc *, const char *, ...); 222 223 /* internal timeout handling */ 224 static void pppoe_timeout_co(void *); 225 static void pppoe_timeout_co_halt(void *); 226 static void pppoe_timeout_wk(struct work *, void *); 227 static void pppoe_timeout(struct pppoe_softc *); 228 229 /* sending actual protocol controll packets */ 230 static int pppoe_send_padi(struct pppoe_softc *); 231 static int pppoe_send_padr(struct pppoe_softc *); 232 #ifdef PPPOE_SERVER 233 static int pppoe_send_pado(struct pppoe_softc *); 234 static int pppoe_send_pads(struct pppoe_softc *); 235 #endif 236 static int pppoe_send_padt(struct ifnet *, u_int, const uint8_t *); 237 238 /* raw output */ 239 static int pppoe_output(struct pppoe_softc *, struct mbuf *); 240 241 /* internal helper functions */ 242 static struct pppoe_softc * pppoe_find_softc_by_session(u_int, struct ifnet *, 243 krw_t); 244 static struct pppoe_softc * pppoe_find_softc_by_hunique(uint8_t *, size_t, 245 struct ifnet *, krw_t); 246 static struct mbuf *pppoe_get_mbuf(size_t len); 247 248 static void pppoe_ifattach_hook(void *, unsigned long, void *); 249 250 static LIST_HEAD(pppoe_softc_head, pppoe_softc) pppoe_softc_list; 251 static krwlock_t pppoe_softc_list_lock; 252 253 static int pppoe_clone_create(struct if_clone *, int); 254 static int pppoe_clone_destroy(struct ifnet *); 255 256 static bool pppoe_term_unknown = false; 257 static int pppoe_term_unknown_pps = 1; 258 259 static struct sysctllog *pppoe_sysctl_clog; 260 static void sysctl_net_pppoe_setup(struct sysctllog **); 261 262 static struct if_clone pppoe_cloner = 263 IF_CLONE_INITIALIZER("pppoe", pppoe_clone_create, pppoe_clone_destroy); 264 265 /* ARGSUSED */ 266 void 267 pppoeattach(int count) 268 { 269 270 /* 271 * Nothing to do here, initialization is handled by the 272 * module initialization code in pppoeinit() below). 273 */ 274 } 275 276 static void 277 pppoeinit(void) 278 { 279 280 LIST_INIT(&pppoe_softc_list); 281 rw_init(&pppoe_softc_list_lock); 282 if_clone_attach(&pppoe_cloner); 283 284 pppoe_softintr = softint_establish(SOFTINT_MPSAFE|SOFTINT_NET, 285 pppoe_softintr_handler, NULL); 286 sysctl_net_pppoe_setup(&pppoe_sysctl_clog); 287 288 IFQ_LOCK_INIT(&ppoediscinq); 289 IFQ_LOCK_INIT(&ppoeinq); 290 } 291 292 static int 293 pppoedetach(void) 294 { 295 int error = 0; 296 297 rw_enter(&pppoe_softc_list_lock, RW_READER); 298 if (!LIST_EMPTY(&pppoe_softc_list)) { 299 rw_exit(&pppoe_softc_list_lock); 300 error = EBUSY; 301 } 302 303 if (error == 0) { 304 if_clone_detach(&pppoe_cloner); 305 softint_disestablish(pppoe_softintr); 306 /* Remove our sysctl sub-tree */ 307 sysctl_teardown(&pppoe_sysctl_clog); 308 } 309 310 return error; 311 } 312 313 static void 314 pppoe_softc_genid(uint64_t *id) 315 { 316 struct pppoe_softc *sc; 317 uint64_t rndid; 318 319 rw_enter(&pppoe_softc_list_lock, RW_READER); 320 321 while (1) { 322 rndid = cprng_strong64(); 323 324 sc = NULL; 325 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 326 if (sc->sc_id == rndid) 327 break; 328 } 329 if (sc == NULL) { 330 break; 331 } 332 } 333 334 rw_exit(&pppoe_softc_list_lock); 335 *id = rndid; 336 } 337 338 static int 339 pppoe_clone_create(struct if_clone *ifc, int unit) 340 { 341 struct pppoe_softc *sc; 342 int rv; 343 344 sc = malloc(sizeof(struct pppoe_softc), M_DEVBUF, M_WAITOK|M_ZERO); 345 346 pppoe_softc_genid(&sc->sc_id); 347 348 if_initname(&sc->sc_sppp.pp_if, "pppoe", unit); 349 sc->sc_sppp.pp_if.if_softc = sc; 350 sc->sc_sppp.pp_if.if_mtu = PPPOE_MAXMTU; 351 sc->sc_sppp.pp_if.if_flags = IFF_SIMPLEX|IFF_POINTOPOINT|IFF_MULTICAST; 352 #ifdef PPPOE_MPSAFE 353 sc->sc_sppp.pp_if.if_extflags = IFEF_MPSAFE; 354 #endif 355 sc->sc_sppp.pp_if.if_type = IFT_PPP; 356 sc->sc_sppp.pp_if.if_hdrlen = sizeof(struct ether_header) + PPPOE_HEADERLEN; 357 sc->sc_sppp.pp_if.if_dlt = DLT_PPP_ETHER; 358 sc->sc_sppp.pp_flags |= PP_KEEPALIVE | /* use LCP keepalive */ 359 PP_NOFRAMING; /* no serial encapsulation */ 360 sc->sc_sppp.pp_if.if_ioctl = pppoe_ioctl; 361 IFQ_SET_MAXLEN(&sc->sc_sppp.pp_if.if_snd, IFQ_MAXLEN); 362 IFQ_SET_READY(&sc->sc_sppp.pp_if.if_snd); 363 364 /* changed to real address later */ 365 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 366 367 rv = workqueue_create(&sc->sc_timeout_wq, 368 sc->sc_sppp.pp_if.if_xname, pppoe_timeout_wk, sc, 369 PRI_SOFTNET, IPL_SOFTNET, 0); 370 if (rv != 0) { 371 free(sc, M_DEVBUF); 372 return rv; 373 } 374 375 callout_init(&sc->sc_timeout, CALLOUT_MPSAFE); 376 callout_setfunc(&sc->sc_timeout, pppoe_timeout_co, sc); 377 378 sc->sc_sppp.pp_if.if_start = pppoe_start; 379 #ifdef PPPOE_MPSAFE 380 sc->sc_sppp.pp_if.if_transmit = pppoe_transmit; 381 #endif 382 sc->sc_sppp.pp_tls = pppoe_tls; 383 sc->sc_sppp.pp_tlf = pppoe_tlf; 384 sc->sc_sppp.pp_framebytes = PPPOE_HEADERLEN; /* framing added to ppp packets */ 385 386 rv = if_initialize(&sc->sc_sppp.pp_if); 387 if (rv != 0) { 388 workqueue_destroy(sc->sc_timeout_wq); 389 callout_halt(&sc->sc_timeout, NULL); 390 callout_destroy(&sc->sc_timeout); 391 free(sc, M_DEVBUF); 392 return rv; 393 } 394 sc->sc_sppp.pp_if.if_percpuq = if_percpuq_create(&sc->sc_sppp.pp_if); 395 sppp_attach(&sc->sc_sppp.pp_if); 396 397 bpf_attach(&sc->sc_sppp.pp_if, DLT_PPP_ETHER, 0); 398 rw_enter(&pppoe_softc_list_lock, RW_READER); 399 if (LIST_EMPTY(&pppoe_softc_list)) { 400 pfil_add_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 401 } 402 rw_exit(&pppoe_softc_list_lock); 403 404 if_register(&sc->sc_sppp.pp_if); 405 406 rw_init(&sc->sc_lock); 407 408 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 409 LIST_INSERT_HEAD(&pppoe_softc_list, sc, sc_list); 410 rw_exit(&pppoe_softc_list_lock); 411 return 0; 412 } 413 414 static int 415 pppoe_clone_destroy(struct ifnet *ifp) 416 { 417 struct pppoe_softc * sc = ifp->if_softc; 418 419 rw_enter(&pppoe_softc_list_lock, RW_WRITER); 420 421 PPPOE_LOCK(sc, RW_WRITER); 422 callout_setfunc(&sc->sc_timeout, pppoe_timeout_co_halt, sc); 423 workqueue_wait(sc->sc_timeout_wq, &sc->sc_timeout_wk); 424 callout_halt(&sc->sc_timeout, NULL); 425 426 LIST_REMOVE(sc, sc_list); 427 428 if (LIST_EMPTY(&pppoe_softc_list)) { 429 pfil_remove_ihook(pppoe_ifattach_hook, NULL, PFIL_IFNET, if_pfil); 430 } 431 rw_exit(&pppoe_softc_list_lock); 432 433 bpf_detach(ifp); 434 sppp_detach(&sc->sc_sppp.pp_if); 435 if_detach(ifp); 436 if (sc->sc_concentrator_name) 437 free(sc->sc_concentrator_name, M_DEVBUF); 438 if (sc->sc_service_name) 439 free(sc->sc_service_name, M_DEVBUF); 440 if (sc->sc_ac_cookie) 441 free(sc->sc_ac_cookie, M_DEVBUF); 442 if (sc->sc_relay_sid) 443 free(sc->sc_relay_sid, M_DEVBUF); 444 callout_destroy(&sc->sc_timeout); 445 workqueue_destroy(sc->sc_timeout_wq); 446 447 PPPOE_UNLOCK(sc); 448 rw_destroy(&sc->sc_lock); 449 450 free(sc, M_DEVBUF); 451 452 return 0; 453 } 454 455 static void 456 pppoe_printf(struct pppoe_softc *sc, const char *fmt, ...) 457 { 458 va_list ap; 459 bool pppoe_debug; 460 461 #ifdef PPPOE_DEBUG 462 pppoe_debug = true; 463 #else 464 pppoe_debug = false; 465 #endif 466 467 if (sc == NULL) { 468 if (!pppoe_debug) 469 return; 470 471 printf("pppoe: "); 472 } else { 473 if (!ISSET(sc->sc_sppp.pp_if.if_flags, IFF_DEBUG)) 474 return; 475 476 printf("%s: ", sc->sc_sppp.pp_if.if_xname); 477 } 478 479 va_start(ap, fmt); 480 vprintf(fmt, ap); 481 va_end(ap); 482 } 483 484 /* 485 * Find the interface handling the specified session. 486 * Note: O(number of sessions open), this is a client-side only, mean 487 * and lean implementation, so number of open sessions typically should 488 * be 1. 489 */ 490 static struct pppoe_softc * 491 pppoe_find_softc_by_session(u_int session, struct ifnet *rcvif, krw_t lock) 492 { 493 struct pppoe_softc *sc = NULL; 494 495 if (session == 0) 496 return NULL; 497 rw_enter(&pppoe_softc_list_lock, RW_READER); 498 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 499 PPPOE_LOCK(sc, lock); 500 if ( sc->sc_state == PPPOE_STATE_SESSION 501 && sc->sc_session == session 502 && sc->sc_eth_if == rcvif) 503 break; 504 505 PPPOE_UNLOCK(sc); 506 } 507 rw_exit(&pppoe_softc_list_lock); 508 return sc; 509 } 510 511 /* Check host unique token passed and return appropriate softc pointer, 512 * or NULL if token is bogus. */ 513 static struct pppoe_softc * 514 pppoe_find_softc_by_hunique(uint8_t *token, size_t len, 515 struct ifnet *rcvif, krw_t lock) 516 { 517 struct pppoe_softc *sc; 518 uint64_t t; 519 520 CTASSERT(sizeof(t) == sizeof(sc->sc_id)); 521 522 rw_enter(&pppoe_softc_list_lock, RW_READER); 523 if (LIST_EMPTY(&pppoe_softc_list)) { 524 rw_exit(&pppoe_softc_list_lock); 525 return NULL; 526 } 527 528 if (len != sizeof(sc->sc_id)) { 529 rw_exit(&pppoe_softc_list_lock); 530 return NULL; 531 } 532 memcpy(&t, token, len); 533 534 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 535 if (sc->sc_id == t) { 536 PPPOE_LOCK(sc, lock); 537 break; 538 } 539 } 540 rw_exit(&pppoe_softc_list_lock); 541 542 if (sc == NULL) { 543 pppoe_printf(NULL, "alien host unique tag" 544 ", no session found\n"); 545 return NULL; 546 } 547 548 /* should be safe to access *sc now */ 549 if (sc->sc_state < PPPOE_STATE_PADI_SENT || sc->sc_state >= PPPOE_STATE_SESSION) { 550 pppoe_printf(sc, "host unique tag found" 551 ", but it belongs to a connection in state %d\n", 552 sc->sc_state); 553 PPPOE_UNLOCK(sc); 554 return NULL; 555 } 556 if (sc->sc_eth_if != rcvif) { 557 pppoe_printf(sc, "wrong interface, not accepting host unique\n"); 558 PPPOE_UNLOCK(sc); 559 return NULL; 560 } 561 return sc; 562 } 563 564 static void 565 pppoe_softintr_handler(void *dummy) 566 { 567 /* called at splsoftnet() */ 568 pppoeintr(); 569 } 570 571 /* called at appropriate protection level */ 572 static void 573 pppoeintr(void) 574 { 575 struct mbuf *m; 576 int disc_done, data_done; 577 578 SOFTNET_LOCK_UNLESS_NET_MPSAFE(); 579 580 do { 581 disc_done = 0; 582 data_done = 0; 583 for (;;) { 584 IFQ_LOCK(&ppoediscinq); 585 IF_DEQUEUE(&ppoediscinq, m); 586 IFQ_UNLOCK(&ppoediscinq); 587 if (m == NULL) 588 break; 589 disc_done = 1; 590 pppoe_disc_input(m); 591 } 592 593 for (;;) { 594 IFQ_LOCK(&ppoeinq); 595 IF_DEQUEUE(&ppoeinq, m); 596 IFQ_UNLOCK(&ppoeinq); 597 if (m == NULL) 598 break; 599 data_done = 1; 600 pppoe_data_input(m); 601 } 602 } while (disc_done || data_done); 603 604 SOFTNET_UNLOCK_UNLESS_NET_MPSAFE(); 605 } 606 607 /* analyze and handle a single received packet while not in session state */ 608 static void 609 pppoe_dispatch_disc_pkt(struct mbuf *m, int off) 610 { 611 uint16_t tag, len; 612 uint16_t session, plen; 613 struct pppoe_softc *sc; 614 const char *err_msg; 615 char *error; 616 size_t dlen; 617 uint8_t *ac_cookie; 618 size_t ac_cookie_len; 619 uint8_t *relay_sid; 620 size_t relay_sid_len; 621 uint8_t *hunique; 622 size_t hunique_len; 623 struct pppoehdr *ph; 624 struct pppoetag *pt; 625 struct mbuf *n; 626 int noff, err, errortag; 627 struct ether_header *eh; 628 struct ifnet *rcvif; 629 struct psref psref; 630 631 if (m->m_len < sizeof(*eh)) { 632 m = m_pullup(m, sizeof(*eh)); 633 if (m == NULL) 634 goto done; 635 } 636 eh = mtod(m, struct ether_header *); 637 off += sizeof(*eh); 638 639 if (m->m_pkthdr.len - off <= PPPOE_HEADERLEN) { 640 goto done; 641 } 642 643 M_REGION_GET(ph, struct pppoehdr *, m, off, sizeof(*ph)); 644 if (ph == NULL) { 645 goto done; 646 } 647 if (ph->vertype != PPPOE_VERTYPE) { 648 goto done; 649 } 650 651 ac_cookie = NULL; 652 ac_cookie_len = 0; 653 relay_sid = NULL; 654 relay_sid_len = 0; 655 hunique = NULL; 656 hunique_len = 0; 657 658 session = ntohs(ph->session); 659 plen = ntohs(ph->plen); 660 off += sizeof(*ph); 661 662 if (plen + off > m->m_pkthdr.len) { 663 goto done; 664 } 665 m_adj(m, off + plen - m->m_pkthdr.len); /* ignore trailing garbage */ 666 667 tag = 0; 668 len = 0; 669 sc = NULL; 670 err_msg = NULL; 671 errortag = 0; 672 while (off + sizeof(*pt) <= m->m_pkthdr.len) { 673 M_REGION_GET(pt, struct pppoetag *, m, off, sizeof(*pt)); 674 if (pt == NULL) { 675 goto done; 676 } 677 678 tag = ntohs(pt->tag); 679 len = ntohs(pt->len); 680 if (off + len + sizeof(*pt) > m->m_pkthdr.len) { 681 goto done; 682 } 683 switch (tag) { 684 case PPPOE_TAG_EOL: 685 goto breakbreak; 686 case PPPOE_TAG_SNAME: 687 break; /* ignored */ 688 case PPPOE_TAG_ACNAME: 689 if (len > 0) { 690 dlen = 4 * len + 1; 691 error = malloc(dlen, M_TEMP, M_NOWAIT); 692 if (error == NULL) 693 break; 694 695 n = m_pulldown(m, off + sizeof(*pt), len, 696 &noff); 697 if (!n) { 698 m = NULL; 699 free(error, M_TEMP); 700 goto done; 701 } 702 703 strnvisx(error, dlen, 704 mtod(n, char*) + noff, len, 705 VIS_SAFE | VIS_OCTAL); 706 pppoe_printf(NULL, "connected to %s\n", error); 707 free(error, M_TEMP); 708 } 709 break; /* ignored */ 710 case PPPOE_TAG_HUNIQUE: 711 if (hunique == NULL) { 712 n = m_pulldown(m, off + sizeof(*pt), len, 713 &noff); 714 if (!n) { 715 m = NULL; 716 err_msg = "TAG HUNIQUE ERROR"; 717 break; 718 } 719 720 hunique = mtod(n, uint8_t *) + noff; 721 hunique_len = len; 722 } 723 break; 724 case PPPOE_TAG_ACCOOKIE: 725 if (ac_cookie == NULL) { 726 n = m_pulldown(m, off + sizeof(*pt), len, 727 &noff); 728 if (!n) { 729 err_msg = "TAG ACCOOKIE ERROR"; 730 m = NULL; 731 break; 732 } 733 ac_cookie = mtod(n, char *) + noff; 734 ac_cookie_len = len; 735 } 736 break; 737 case PPPOE_TAG_RELAYSID: 738 if (relay_sid == NULL) { 739 n = m_pulldown(m, off + sizeof(*pt), len, 740 &noff); 741 if (!n) { 742 err_msg = "TAG RELAYSID ERROR"; 743 m = NULL; 744 break; 745 } 746 relay_sid = mtod(n, char *) + noff; 747 relay_sid_len = len; 748 } 749 break; 750 case PPPOE_TAG_SNAME_ERR: 751 err_msg = "SERVICE NAME ERROR"; 752 errortag = 1; 753 break; 754 case PPPOE_TAG_ACSYS_ERR: 755 err_msg = "AC SYSTEM ERROR"; 756 errortag = 1; 757 break; 758 case PPPOE_TAG_GENERIC_ERR: 759 err_msg = "GENERIC ERROR"; 760 errortag = 1; 761 break; 762 } 763 if (err_msg) { 764 error = NULL; 765 if (errortag && len) { 766 dlen = 4 * len + 1; 767 error = malloc(dlen, M_TEMP, 768 M_NOWAIT|M_ZERO); 769 n = m_pulldown(m, off + sizeof(*pt), len, 770 &noff); 771 if (!n) { 772 m = NULL; 773 } else if (error) { 774 strnvisx(error, dlen, 775 mtod(n, char*) + noff, len, 776 VIS_SAFE | VIS_OCTAL); 777 } 778 } 779 if (error) { 780 pppoe_printf(NULL, "%s: %s\n", err_msg, error); 781 free(error, M_TEMP); 782 } else 783 pppoe_printf(NULL, "%s\n", err_msg); 784 if (errortag || m == NULL) 785 goto done; 786 } 787 off += sizeof(*pt) + len; 788 } 789 breakbreak:; 790 791 switch (ph->code) { 792 case PPPOE_CODE_PADI: 793 #ifdef PPPOE_SERVER 794 /* 795 * got service name, concentrator name, and/or host unique. 796 * ignore if we have no interfaces with IFF_PASSIVE|IFF_UP. 797 */ 798 rw_enter(&pppoe_softc_list_lock, RW_READER); 799 if (LIST_EMPTY(&pppoe_softc_list)) { 800 rw_exit(&pppoe_softc_list_lock); 801 goto done; 802 } 803 804 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 805 PPPOE_LOCK(sc, RW_WRITER); 806 if (!(sc->sc_sppp.pp_if.if_flags & IFF_UP)) { 807 PPPOE_UNLOCK(sc); 808 continue; 809 } 810 if (!(sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) { 811 PPPOE_UNLOCK(sc); 812 continue; 813 } 814 815 if (sc->sc_state == PPPOE_STATE_INITIAL) 816 break; 817 818 PPPOE_UNLOCK(sc); 819 } 820 rw_exit(&pppoe_softc_list_lock); 821 822 if (sc == NULL) { 823 goto done; 824 } 825 826 if (hunique) { 827 if (sc->sc_hunique) 828 free(sc->sc_hunique, M_DEVBUF); 829 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 830 M_DONTWAIT); 831 if (sc->sc_hunique == NULL) { 832 PPPOE_UNLOCK(sc); 833 goto done; 834 } 835 sc->sc_hunique_len = hunique_len; 836 memcpy(sc->sc_hunique, hunique, hunique_len); 837 } 838 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 839 sc->sc_state = PPPOE_STATE_PADO_SENT; 840 pppoe_send_pado(sc); 841 PPPOE_UNLOCK(sc); 842 break; 843 #endif /* PPPOE_SERVER */ 844 845 case PPPOE_CODE_PADR: 846 #ifdef PPPOE_SERVER 847 /* 848 * get sc from ac_cookie if IFF_PASSIVE 849 */ 850 if (ac_cookie == NULL) { 851 goto done; 852 } 853 854 rcvif = m_get_rcvif_psref(m, &psref); 855 if (__predict_true(rcvif != NULL)) { 856 sc = pppoe_find_softc_by_hunique(ac_cookie, 857 ac_cookie_len, rcvif, RW_WRITER); 858 } 859 m_put_rcvif_psref(rcvif, &psref); 860 if (sc == NULL) { 861 /* be quiet if there is not a single pppoe instance */ 862 rw_enter(&pppoe_softc_list_lock, RW_READER); 863 if (!LIST_EMPTY(&pppoe_softc_list)) { 864 pppoe_printf(NULL, "received PADR" 865 " but could not find request for it\n"); 866 } 867 rw_exit(&pppoe_softc_list_lock); 868 goto done; 869 } 870 871 if (sc->sc_state != PPPOE_STATE_PADO_SENT) { 872 pppoe_printf(sc, "received unexpected PADR\n"); 873 PPPOE_UNLOCK(sc); 874 goto done; 875 } 876 877 if (hunique) { 878 if (sc->sc_hunique) 879 free(sc->sc_hunique, M_DEVBUF); 880 sc->sc_hunique = malloc(hunique_len, M_DEVBUF, 881 M_DONTWAIT); 882 if (sc->sc_hunique == NULL) { 883 PPPOE_UNLOCK(sc); 884 goto done; 885 } 886 sc->sc_hunique_len = hunique_len; 887 memcpy(sc->sc_hunique, hunique, hunique_len); 888 } 889 pppoe_send_pads(sc); 890 sc->sc_state = PPPOE_STATE_SESSION; 891 PPPOE_UNLOCK(sc); 892 893 sc->sc_sppp.pp_up(&sc->sc_sppp); 894 break; 895 #else 896 /* ignore, we are no access concentrator */ 897 goto done; 898 #endif /* PPPOE_SERVER */ 899 900 case PPPOE_CODE_PADO: 901 rcvif = m_get_rcvif_psref(m, &psref); 902 if (__predict_false(rcvif == NULL)) 903 goto done; 904 905 if (hunique != NULL) { 906 sc = pppoe_find_softc_by_hunique(hunique, 907 hunique_len, rcvif, RW_WRITER); 908 } 909 910 m_put_rcvif_psref(rcvif, &psref); 911 912 if (sc == NULL) { 913 /* be quiet if there is not a single pppoe instance */ 914 rw_enter(&pppoe_softc_list_lock, RW_READER); 915 if (!LIST_EMPTY(&pppoe_softc_list)) { 916 pppoe_printf(NULL, "received PADO" 917 " but could not find request for it\n"); 918 } 919 rw_exit(&pppoe_softc_list_lock); 920 goto done; 921 } 922 923 if (sc->sc_state != PPPOE_STATE_PADI_SENT) { 924 pppoe_printf(sc, "received unexpected PADO\n"); 925 PPPOE_UNLOCK(sc); 926 goto done; 927 } 928 929 if (ac_cookie) { 930 if (sc->sc_ac_cookie) 931 free(sc->sc_ac_cookie, M_DEVBUF); 932 sc->sc_ac_cookie = malloc(ac_cookie_len, M_DEVBUF, 933 M_DONTWAIT); 934 if (sc->sc_ac_cookie == NULL) { 935 pppoe_printf(sc, "FATAL: could not allocate memory " 936 "for AC cookie\n"); 937 PPPOE_UNLOCK(sc); 938 goto done; 939 } 940 sc->sc_ac_cookie_len = ac_cookie_len; 941 memcpy(sc->sc_ac_cookie, ac_cookie, ac_cookie_len); 942 } 943 if (relay_sid) { 944 if (sc->sc_relay_sid) 945 free(sc->sc_relay_sid, M_DEVBUF); 946 sc->sc_relay_sid = malloc(relay_sid_len, M_DEVBUF, 947 M_DONTWAIT); 948 if (sc->sc_relay_sid == NULL) { 949 pppoe_printf(sc, "FATAL: could not allocate memory " 950 "for relay SID\n"); 951 PPPOE_UNLOCK(sc); 952 goto done; 953 } 954 sc->sc_relay_sid_len = relay_sid_len; 955 memcpy(sc->sc_relay_sid, relay_sid, relay_sid_len); 956 } 957 memcpy(&sc->sc_dest, eh->ether_shost, sizeof sc->sc_dest); 958 callout_stop(&sc->sc_timeout); 959 sc->sc_padr_retried = 0; 960 sc->sc_state = PPPOE_STATE_PADR_SENT; 961 if ((err = pppoe_send_padr(sc)) != 0) { 962 pppoe_printf(sc, 963 "failed to send PADR, error=%d\n", err); 964 } 965 callout_schedule(&sc->sc_timeout, 966 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried)); 967 968 PPPOE_UNLOCK(sc); 969 break; 970 971 case PPPOE_CODE_PADS: 972 rcvif = m_get_rcvif_psref(m, &psref); 973 if (__predict_false(rcvif == NULL)) 974 goto done; 975 976 if (hunique != NULL) { 977 sc = pppoe_find_softc_by_hunique(hunique, 978 hunique_len, rcvif, RW_WRITER); 979 } 980 981 m_put_rcvif_psref(rcvif, &psref); 982 983 if (sc == NULL) 984 goto done; 985 986 sc->sc_session = session; 987 callout_stop(&sc->sc_timeout); 988 pppoe_printf(sc, "session 0x%x connected\n", session); 989 sc->sc_state = PPPOE_STATE_SESSION; 990 PPPOE_UNLOCK(sc); 991 992 sc->sc_sppp.pp_up(&sc->sc_sppp); /* notify upper layers */ 993 break; 994 995 case PPPOE_CODE_PADT: 996 rcvif = m_get_rcvif_psref(m, &psref); 997 if (__predict_false(rcvif == NULL)) 998 goto done; 999 1000 sc = pppoe_find_softc_by_session(session, rcvif, 1001 RW_WRITER); 1002 1003 m_put_rcvif_psref(rcvif, &psref); 1004 1005 if (sc == NULL) 1006 goto done; 1007 1008 pppoe_clear_softc(sc, "received PADT"); 1009 if (sc->sc_sppp.pp_if.if_flags & IFF_RUNNING) 1010 callout_schedule(&sc->sc_timeout, PPPOE_RECON_FAST); 1011 PPPOE_UNLOCK(sc); 1012 break; 1013 1014 default: 1015 rcvif = m_get_rcvif_psref(m, &psref); 1016 if (__predict_false(rcvif == NULL)) 1017 goto done; 1018 1019 if (hunique != NULL) { 1020 sc = pppoe_find_softc_by_hunique(hunique, 1021 hunique_len, rcvif, RW_READER); 1022 } 1023 1024 m_put_rcvif_psref(rcvif, &psref); 1025 1026 pppoe_printf(sc, "unknown code (0x%04x) session = 0x%04x\n", 1027 ph->code, session); 1028 if (sc == NULL) 1029 goto done; 1030 PPPOE_UNLOCK(sc); 1031 break; 1032 } 1033 1034 done: 1035 if (m) 1036 m_freem(m); 1037 return; 1038 } 1039 1040 static void 1041 pppoe_disc_input(struct mbuf *m) 1042 { 1043 KASSERT(m->m_flags & M_PKTHDR); 1044 1045 /* 1046 * Avoid error messages if there is not a single PPPoE instance. 1047 */ 1048 rw_enter(&pppoe_softc_list_lock, RW_READER); 1049 if (!LIST_EMPTY(&pppoe_softc_list)) { 1050 rw_exit(&pppoe_softc_list_lock); 1051 pppoe_dispatch_disc_pkt(m, 0); 1052 } else { 1053 rw_exit(&pppoe_softc_list_lock); 1054 m_freem(m); 1055 } 1056 } 1057 1058 static bool 1059 pppoe_is_my_frame(uint8_t *dhost, struct ifnet *rcvif) 1060 { 1061 1062 if (memcmp(CLLADDR(rcvif->if_sadl), dhost, ETHER_ADDR_LEN) == 0) 1063 return true; 1064 1065 return false; 1066 } 1067 1068 static void 1069 pppoe_data_input(struct mbuf *m) 1070 { 1071 uint16_t session, plen; 1072 struct pppoe_softc *sc; 1073 struct pppoehdr *ph; 1074 struct ifnet *rcvif; 1075 struct psref psref; 1076 uint8_t shost[ETHER_ADDR_LEN]; 1077 uint8_t dhost[ETHER_ADDR_LEN]; 1078 bool term_unknown = pppoe_term_unknown; 1079 1080 KASSERT(m->m_flags & M_PKTHDR); 1081 1082 /* 1083 * Avoid error messages if there is not a single PPPoE instance. 1084 */ 1085 rw_enter(&pppoe_softc_list_lock, RW_READER); 1086 if (LIST_EMPTY(&pppoe_softc_list)) { 1087 rw_exit(&pppoe_softc_list_lock); 1088 goto drop; 1089 } 1090 rw_exit(&pppoe_softc_list_lock); 1091 1092 if (term_unknown) { 1093 memcpy(shost, mtod(m, struct ether_header*)->ether_shost, 1094 ETHER_ADDR_LEN); 1095 memcpy(dhost, mtod(m, struct ether_header*)->ether_dhost, 1096 ETHER_ADDR_LEN); 1097 } 1098 m_adj(m, sizeof(struct ether_header)); 1099 if (m->m_pkthdr.len <= PPPOE_HEADERLEN) { 1100 goto drop; 1101 } 1102 1103 if (m->m_len < sizeof(*ph)) { 1104 m = m_pullup(m, sizeof(*ph)); 1105 if (m == NULL) { 1106 return; 1107 } 1108 } 1109 ph = mtod(m, struct pppoehdr *); 1110 1111 if (ph->vertype != PPPOE_VERTYPE) { 1112 goto drop; 1113 } 1114 if (ph->code != 0) { 1115 goto drop; 1116 } 1117 1118 session = ntohs(ph->session); 1119 rcvif = m_get_rcvif_psref(m, &psref); 1120 if (__predict_false(rcvif == NULL)) 1121 goto drop; 1122 sc = pppoe_find_softc_by_session(session, rcvif, RW_READER); 1123 if (sc == NULL) { 1124 if (term_unknown) { 1125 static struct timeval lasttime = {0, 0}; 1126 static int curpps = 0; 1127 /* 1128 * avoid to send wrong PADT which is response from 1129 * session stage packets for other hosts when parent 1130 * ethernet is promiscuous mode. 1131 */ 1132 if (pppoe_is_my_frame(dhost, rcvif) && 1133 ppsratecheck(&lasttime, &curpps, 1134 pppoe_term_unknown_pps)) { 1135 pppoe_printf(NULL, "input for unknown session %#x, " 1136 "sending PADT\n", session); 1137 pppoe_send_padt(rcvif, session, shost); 1138 } 1139 } 1140 m_put_rcvif_psref(rcvif, &psref); 1141 goto drop; 1142 } 1143 1144 m_put_rcvif_psref(rcvif, &psref); 1145 1146 plen = ntohs(ph->plen); 1147 1148 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_IN); 1149 1150 m_adj(m, PPPOE_HEADERLEN); 1151 1152 #ifdef PPPOE_DEBUG 1153 { 1154 struct mbuf *p; 1155 1156 printf("%s: pkthdr.len=%d, pppoe.len=%d", 1157 sc->sc_sppp.pp_if.if_xname, m->m_pkthdr.len, plen); 1158 p = m; 1159 while (p) { 1160 printf(" l=%d", p->m_len); 1161 p = p->m_next; 1162 } 1163 printf("\n"); 1164 } 1165 #endif 1166 PPPOE_UNLOCK(sc); 1167 1168 if (m->m_pkthdr.len < plen) 1169 goto drop; 1170 1171 /* ignore trailing garbage */ 1172 m_adj(m, plen - m->m_pkthdr.len); 1173 /* 1174 * Fix incoming interface pointer (not the raw ethernet interface 1175 * anymore) 1176 */ 1177 m_set_rcvif(m, &sc->sc_sppp.pp_if); 1178 1179 /* pass packet up and account for it */ 1180 if_statinc(&sc->sc_sppp.pp_if, if_ipackets); 1181 sppp_input(&sc->sc_sppp.pp_if, m); 1182 return; 1183 1184 drop: 1185 m_freem(m); 1186 } 1187 1188 static int 1189 pppoe_output(struct pppoe_softc *sc, struct mbuf *m) 1190 { 1191 struct sockaddr dst; 1192 struct ether_header *eh; 1193 uint16_t etype; 1194 1195 if (sc->sc_eth_if == NULL) { 1196 m_freem(m); 1197 return EIO; 1198 } 1199 1200 memset(&dst, 0, sizeof dst); 1201 dst.sa_family = AF_UNSPEC; 1202 eh = (struct ether_header*)&dst.sa_data; 1203 etype = sc->sc_state == PPPOE_STATE_SESSION 1204 ? ETHERTYPE_PPPOE : ETHERTYPE_PPPOEDISC; 1205 eh->ether_type = htons(etype); 1206 memcpy(&eh->ether_dhost, &sc->sc_dest, sizeof sc->sc_dest); 1207 1208 DPRINTF(sc, "(%x) state=%d, session=0x%x output -> %s, len=%d\n", 1209 etype, sc->sc_state, sc->sc_session, 1210 ether_sprintf((const unsigned char *)&sc->sc_dest), m->m_pkthdr.len); 1211 1212 m->m_flags &= ~(M_BCAST|M_MCAST); 1213 if_statinc(&sc->sc_sppp.pp_if, if_opackets); 1214 return if_output_lock(sc->sc_eth_if, sc->sc_eth_if, m, &dst, NULL); 1215 } 1216 1217 static int 1218 pppoe_parm_cpyinstr(struct pppoe_softc *sc, 1219 char **dst, const void *src, size_t len) 1220 { 1221 int error = 0; 1222 char *next = NULL; 1223 size_t bufsiz, cpysiz, strsiz; 1224 1225 bufsiz = len + 1; 1226 1227 if (src == NULL) 1228 goto out; 1229 1230 bufsiz = len + 1; 1231 next = malloc(bufsiz, M_DEVBUF, M_WAITOK); 1232 if (next == NULL) 1233 return ENOMEM; 1234 1235 error = copyinstr(src, next, bufsiz, &cpysiz); 1236 if (error != 0) 1237 goto fail; 1238 if (cpysiz != bufsiz) { 1239 error = EINVAL; 1240 goto fail; 1241 } 1242 1243 strsiz = strnlen(next, bufsiz); 1244 if (strsiz == bufsiz) { 1245 error = EINVAL; 1246 goto fail; 1247 } 1248 1249 out: 1250 PPPOE_LOCK(sc, RW_WRITER); 1251 if (*dst != NULL) 1252 free(*dst, M_DEVBUF); 1253 *dst = next; 1254 next = NULL; 1255 PPPOE_UNLOCK(sc); 1256 fail: 1257 if (next != NULL) 1258 free(next, M_DEVBUF); 1259 1260 return error; 1261 } 1262 1263 static int 1264 pppoe_ioctl(struct ifnet *ifp, unsigned long cmd, void *data) 1265 { 1266 struct lwp *l = curlwp; /* XXX */ 1267 struct pppoe_softc *sc = (struct pppoe_softc*)ifp; 1268 struct ifreq *ifr = data; 1269 int error = 0; 1270 1271 switch (cmd) { 1272 case PPPOESETPARMS: 1273 { 1274 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1275 if (kauth_authorize_network(l->l_cred, KAUTH_NETWORK_INTERFACE, 1276 KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd, 1277 NULL) != 0) 1278 return EPERM; 1279 if (parms->eth_ifname[0] != 0) { 1280 struct ifnet *eth_if; 1281 1282 PPPOE_LOCK(sc, RW_WRITER); 1283 eth_if = ifunit(parms->eth_ifname); 1284 if (eth_if == NULL || eth_if->if_dlt != DLT_EN10MB) { 1285 sc->sc_eth_if = NULL; 1286 PPPOE_UNLOCK(sc); 1287 return ENXIO; 1288 } 1289 1290 if (sc->sc_sppp.pp_if.if_mtu != 1291 eth_if->if_mtu - PPPOE_OVERHEAD) { 1292 sc->sc_sppp.pp_if.if_mtu = eth_if->if_mtu - 1293 PPPOE_OVERHEAD; 1294 } 1295 sc->sc_eth_if = eth_if; 1296 PPPOE_UNLOCK(sc); 1297 } 1298 1299 error = pppoe_parm_cpyinstr(sc, &sc->sc_concentrator_name, 1300 parms->ac_name, parms->ac_name_len); 1301 if (error != 0) 1302 return error; 1303 1304 error = pppoe_parm_cpyinstr(sc, &sc->sc_service_name, 1305 parms->service_name, parms->service_name_len); 1306 if (error != 0) 1307 return error; 1308 return 0; 1309 } 1310 break; 1311 case PPPOEGETPARMS: 1312 { 1313 struct pppoediscparms *parms = (struct pppoediscparms*)data; 1314 memset(parms, 0, sizeof *parms); 1315 PPPOE_LOCK(sc, RW_READER); 1316 if (sc->sc_eth_if) 1317 strlcpy(parms->ifname, sc->sc_eth_if->if_xname, 1318 sizeof(parms->ifname)); 1319 PPPOE_UNLOCK(sc); 1320 return 0; 1321 } 1322 break; 1323 case PPPOEGETSESSION: 1324 { 1325 struct pppoeconnectionstate *state = (struct pppoeconnectionstate*)data; 1326 PPPOE_LOCK(sc, RW_READER); 1327 state->state = sc->sc_state; 1328 state->session_id = sc->sc_session; 1329 state->padi_retry_no = sc->sc_padi_retried; 1330 state->padr_retry_no = sc->sc_padr_retried; 1331 PPPOE_UNLOCK(sc); 1332 return 0; 1333 } 1334 break; 1335 case SIOCSIFFLAGS: 1336 /* 1337 * Prevent running re-establishment timers overriding 1338 * administrators choice. 1339 */ 1340 PPPOE_LOCK(sc, RW_WRITER); 1341 1342 if ((ifr->ifr_flags & IFF_UP) == 0 1343 && sc->sc_state < PPPOE_STATE_SESSION) { 1344 callout_stop(&sc->sc_timeout); 1345 sc->sc_state = PPPOE_STATE_INITIAL; 1346 sc->sc_padi_retried = 0; 1347 sc->sc_padr_retried = 0; 1348 memcpy(&sc->sc_dest, etherbroadcastaddr, 1349 sizeof(sc->sc_dest)); 1350 } 1351 1352 PPPOE_UNLOCK(sc); 1353 1354 error = sppp_ioctl(ifp, cmd, data); 1355 1356 return error; 1357 case SIOCSIFMTU: 1358 if (ifr->ifr_mtu > (sc->sc_eth_if == NULL ? 1359 PPPOE_MAXMTU : (sc->sc_eth_if->if_mtu - PPPOE_OVERHEAD))) { 1360 return EINVAL; 1361 } 1362 /*FALLTHROUGH*/ 1363 default: 1364 return sppp_ioctl(ifp, cmd, data); 1365 } 1366 return 0; 1367 } 1368 1369 /* 1370 * Allocate a mbuf/cluster with space to store the given data length 1371 * of payload, leaving space for prepending an ethernet header 1372 * in front. 1373 */ 1374 static struct mbuf * 1375 pppoe_get_mbuf(size_t len) 1376 { 1377 struct mbuf *m; 1378 1379 MGETHDR(m, M_DONTWAIT, MT_DATA); 1380 if (m == NULL) 1381 return NULL; 1382 if (len + sizeof(struct ether_header) > MHLEN) { 1383 MCLGET(m, M_DONTWAIT); 1384 if ((m->m_flags & M_EXT) == 0) { 1385 m_free(m); 1386 return NULL; 1387 } 1388 } 1389 m->m_data += sizeof(struct ether_header); 1390 m->m_len = len; 1391 m->m_pkthdr.len = len; 1392 m_reset_rcvif(m); 1393 1394 return m; 1395 } 1396 1397 static int 1398 pppoe_send_padi(struct pppoe_softc *sc) 1399 { 1400 struct mbuf *m0; 1401 int len, l1 = 0, l2 = 0; 1402 uint8_t *p; 1403 1404 if (sc->sc_state > PPPOE_STATE_PADI_SENT) 1405 panic("pppoe_send_padi in state %d", sc->sc_state); 1406 1407 /* Compute packet length. */ 1408 len = sizeof(struct pppoetag); 1409 if (sc->sc_service_name != NULL) { 1410 l1 = strlen(sc->sc_service_name); 1411 len += l1; 1412 } 1413 if (sc->sc_concentrator_name != NULL) { 1414 l2 = strlen(sc->sc_concentrator_name); 1415 len += sizeof(struct pppoetag) + l2; 1416 } 1417 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1418 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1419 len += sizeof(struct pppoetag) + 2; 1420 } 1421 1422 /* Allocate packet. */ 1423 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1424 if (m0 == NULL) 1425 return ENOBUFS; 1426 1427 /* Fill in packet. */ 1428 p = mtod(m0, uint8_t *); 1429 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADI, 0, len); 1430 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1431 if (sc->sc_service_name != NULL) { 1432 PPPOE_ADD_16(p, l1); 1433 memcpy(p, sc->sc_service_name, l1); 1434 p += l1; 1435 } else { 1436 PPPOE_ADD_16(p, 0); 1437 } 1438 if (sc->sc_concentrator_name != NULL) { 1439 PPPOE_ADD_16(p, PPPOE_TAG_ACNAME); 1440 PPPOE_ADD_16(p, l2); 1441 memcpy(p, sc->sc_concentrator_name, l2); 1442 p += l2; 1443 } 1444 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1445 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1446 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1447 p += sizeof(sc->sc_id); 1448 1449 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1450 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1451 PPPOE_ADD_16(p, 2); 1452 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1453 } 1454 1455 #ifdef PPPOE_DEBUG 1456 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1457 panic("pppoe_send_padi: garbled output len, should be %ld, is %ld", 1458 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1459 #endif 1460 1461 /* Send packet. */ 1462 return pppoe_output(sc, m0); 1463 } 1464 1465 static void 1466 pppoe_timeout_co(void *arg) 1467 { 1468 struct pppoe_softc *sc = (struct pppoe_softc *)arg; 1469 1470 if (atomic_swap_uint(&sc->sc_timeout_scheduled, 1) != 0) 1471 return; 1472 1473 workqueue_enqueue(sc->sc_timeout_wq, &sc->sc_timeout_wk, NULL); 1474 } 1475 1476 static void 1477 pppoe_timeout_co_halt(void *unused __unused) 1478 { 1479 1480 /* do nothing to halt callout safely */ 1481 } 1482 1483 static void 1484 pppoe_timeout_wk(struct work *wk __unused, void *arg) 1485 { 1486 struct pppoe_softc *sc = (struct pppoe_softc *)arg; 1487 1488 atomic_swap_uint(&sc->sc_timeout_scheduled, 0); 1489 pppoe_timeout(sc); 1490 } 1491 1492 static void 1493 pppoe_timeout(struct pppoe_softc *sc) 1494 { 1495 int retry_wait, err; 1496 DECLARE_SPLNET_VARIABLE; 1497 1498 pppoe_printf(sc, "timeout\n"); 1499 1500 PPPOE_LOCK(sc, RW_WRITER); 1501 switch (sc->sc_state) { 1502 case PPPOE_STATE_INITIAL: 1503 /* delayed connect from pppoe_tls() */ 1504 pppoe_connect(sc); 1505 break; 1506 case PPPOE_STATE_PADI_SENT: 1507 /* 1508 * We have two basic ways of retrying: 1509 * - Quick retry mode: try a few times in short sequence 1510 * - Slow retry mode: we already had a connection successfully 1511 * established and will try infinitely (without user 1512 * intervention) 1513 * We only enter slow retry mode if IFF_LINK1 (aka autodial) 1514 * is not set. 1515 */ 1516 1517 /* initialize for quick retry mode */ 1518 retry_wait = PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried); 1519 1520 ACQUIRE_SPLNET(); 1521 sc->sc_padi_retried++; 1522 if (sc->sc_padi_retried >= PPPOE_DISC_MAXPADI) { 1523 if ((sc->sc_sppp.pp_if.if_flags & IFF_LINK1) == 0) { 1524 /* slow retry mode */ 1525 retry_wait = PPPOE_SLOW_RETRY; 1526 } else { 1527 pppoe_abort_connect(sc); 1528 RELEASE_SPLNET(); 1529 PPPOE_UNLOCK(sc); 1530 return; 1531 } 1532 } 1533 if ((err = pppoe_send_padi(sc)) != 0) { 1534 sc->sc_padi_retried--; 1535 pppoe_printf(sc, 1536 "failed to transmit PADI, error=%d\n", err); 1537 } 1538 callout_schedule(&sc->sc_timeout,retry_wait); 1539 RELEASE_SPLNET(); 1540 break; 1541 1542 case PPPOE_STATE_PADR_SENT: 1543 ACQUIRE_SPLNET(); 1544 sc->sc_padr_retried++; 1545 if (sc->sc_padr_retried >= PPPOE_DISC_MAXPADR) { 1546 memcpy(&sc->sc_dest, etherbroadcastaddr, 1547 sizeof(sc->sc_dest)); 1548 sc->sc_state = PPPOE_STATE_PADI_SENT; 1549 sc->sc_padr_retried = 0; 1550 if ((err = pppoe_send_padi(sc)) != 0) { 1551 pppoe_printf(sc, 1552 "failed to send PADI, error=%d\n", err); 1553 } 1554 callout_schedule(&sc->sc_timeout, 1555 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padi_retried)); 1556 RELEASE_SPLNET(); 1557 PPPOE_UNLOCK(sc); 1558 return; 1559 } 1560 if ((err = pppoe_send_padr(sc)) != 0) { 1561 sc->sc_padr_retried--; 1562 pppoe_printf(sc,"failed to send PADR, error=%d", err); 1563 } 1564 callout_schedule(&sc->sc_timeout, 1565 PPPOE_DISC_TIMEOUT * (1 + sc->sc_padr_retried)); 1566 RELEASE_SPLNET(); 1567 break; 1568 case PPPOE_STATE_CLOSING: 1569 pppoe_disconnect(sc); 1570 break; 1571 default: 1572 PPPOE_UNLOCK(sc); 1573 return; /* all done, work in peace */ 1574 } 1575 PPPOE_UNLOCK(sc); 1576 } 1577 1578 /* Start a connection (i.e. initiate discovery phase) */ 1579 static int 1580 pppoe_connect(struct pppoe_softc *sc) 1581 { 1582 int err; 1583 DECLARE_SPLNET_VARIABLE; 1584 1585 KASSERT(PPPOE_WLOCKED(sc)); 1586 1587 if (sc->sc_state != PPPOE_STATE_INITIAL) 1588 return EBUSY; 1589 1590 #ifdef PPPOE_SERVER 1591 /* wait PADI if IFF_PASSIVE */ 1592 if ((sc->sc_sppp.pp_if.if_flags & IFF_PASSIVE)) 1593 return 0; 1594 #endif 1595 ACQUIRE_SPLNET(); 1596 /* save state, in case we fail to send PADI */ 1597 sc->sc_state = PPPOE_STATE_PADI_SENT; 1598 sc->sc_padr_retried = 0; 1599 err = pppoe_send_padi(sc); 1600 if (err != 0) 1601 pppoe_printf(sc, "failed to send PADI, error=%d\n", err); 1602 callout_schedule(&sc->sc_timeout, PPPOE_DISC_TIMEOUT); 1603 RELEASE_SPLNET(); 1604 return err; 1605 } 1606 1607 /* disconnect */ 1608 static int 1609 pppoe_disconnect(struct pppoe_softc *sc) 1610 { 1611 int err; 1612 DECLARE_SPLNET_VARIABLE; 1613 1614 KASSERT(PPPOE_WLOCKED(sc)); 1615 1616 ACQUIRE_SPLNET(); 1617 1618 if (sc->sc_state < PPPOE_STATE_SESSION) 1619 err = EBUSY; 1620 else { 1621 pppoe_printf(sc, "disconnecting\n"); 1622 err = pppoe_send_padt(sc->sc_eth_if, sc->sc_session, 1623 (const uint8_t *)&sc->sc_dest); 1624 } 1625 1626 /* cleanup softc */ 1627 sc->sc_state = PPPOE_STATE_INITIAL; 1628 1629 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1630 if (sc->sc_ac_cookie) { 1631 free(sc->sc_ac_cookie, M_DEVBUF); 1632 sc->sc_ac_cookie = NULL; 1633 } 1634 sc->sc_ac_cookie_len = 0; 1635 if (sc->sc_relay_sid) { 1636 free(sc->sc_relay_sid, M_DEVBUF); 1637 sc->sc_relay_sid = NULL; 1638 } 1639 sc->sc_relay_sid_len = 0; 1640 #ifdef PPPOE_SERVER 1641 if (sc->sc_hunique) { 1642 free(sc->sc_hunique, M_DEVBUF); 1643 sc->sc_hunique = NULL; 1644 } 1645 sc->sc_hunique_len = 0; 1646 #endif 1647 sc->sc_session = 0; 1648 1649 PPPOE_UNLOCK(sc); 1650 1651 /* notify upper layer */ 1652 sc->sc_sppp.pp_down(&sc->sc_sppp); 1653 1654 PPPOE_LOCK(sc, RW_WRITER); 1655 1656 RELEASE_SPLNET(); 1657 return err; 1658 } 1659 1660 /* Connection attempt aborted */ 1661 static void 1662 pppoe_abort_connect(struct pppoe_softc *sc) 1663 { 1664 KASSERT(PPPOE_WLOCKED(sc)); 1665 1666 pppoe_printf(sc, "could not establish connection\n"); 1667 sc->sc_state = PPPOE_STATE_CLOSING; 1668 1669 PPPOE_UNLOCK(sc); 1670 1671 /* notify upper layer */ 1672 sc->sc_sppp.pp_down(&sc->sc_sppp); 1673 1674 PPPOE_LOCK(sc, RW_WRITER); 1675 1676 /* clear connection state */ 1677 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 1678 sc->sc_state = PPPOE_STATE_INITIAL; 1679 } 1680 1681 static int 1682 pppoe_send_padr(struct pppoe_softc *sc) 1683 { 1684 struct mbuf *m0; 1685 uint8_t *p; 1686 size_t len, l1 = 0; 1687 1688 if (sc->sc_state != PPPOE_STATE_PADR_SENT) 1689 return EIO; 1690 1691 /* Compute packet length. */ 1692 len = sizeof(struct pppoetag); 1693 if (sc->sc_service_name != NULL) { 1694 l1 = strlen(sc->sc_service_name); 1695 len += l1; 1696 } 1697 if (sc->sc_ac_cookie_len > 0) { 1698 len += sizeof(struct pppoetag) + sc->sc_ac_cookie_len; 1699 } 1700 if (sc->sc_relay_sid_len > 0) { 1701 len += sizeof(struct pppoetag) + sc->sc_relay_sid_len; 1702 } 1703 len += sizeof(struct pppoetag) + sizeof(sc->sc_id); 1704 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1705 len += sizeof(struct pppoetag) + 2; 1706 } 1707 1708 /* Allocate packet. */ 1709 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1710 if (m0 == NULL) 1711 return ENOBUFS; 1712 1713 /* Fill in packet. */ 1714 p = mtod(m0, uint8_t *); 1715 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADR, 0, len); 1716 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1717 if (sc->sc_service_name != NULL) { 1718 PPPOE_ADD_16(p, l1); 1719 memcpy(p, sc->sc_service_name, l1); 1720 p += l1; 1721 } else { 1722 PPPOE_ADD_16(p, 0); 1723 } 1724 if (sc->sc_ac_cookie_len > 0) { 1725 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1726 PPPOE_ADD_16(p, sc->sc_ac_cookie_len); 1727 memcpy(p, sc->sc_ac_cookie, sc->sc_ac_cookie_len); 1728 p += sc->sc_ac_cookie_len; 1729 } 1730 if (sc->sc_relay_sid_len > 0) { 1731 PPPOE_ADD_16(p, PPPOE_TAG_RELAYSID); 1732 PPPOE_ADD_16(p, sc->sc_relay_sid_len); 1733 memcpy(p, sc->sc_relay_sid, sc->sc_relay_sid_len); 1734 p += sc->sc_relay_sid_len; 1735 } 1736 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1737 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1738 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1739 p += sizeof(sc->sc_id); 1740 1741 if (sc->sc_sppp.pp_if.if_mtu > PPPOE_MAXMTU) { 1742 PPPOE_ADD_16(p, PPPOE_TAG_MAX_PAYLOAD); 1743 PPPOE_ADD_16(p, 2); 1744 PPPOE_ADD_16(p, (uint16_t)sc->sc_sppp.pp_if.if_mtu); 1745 } 1746 1747 #ifdef PPPOE_DEBUG 1748 if (p - mtod(m0, uint8_t *) != len + PPPOE_HEADERLEN) 1749 panic("pppoe_send_padr: garbled output len, should be %ld, is %ld", 1750 (long)(len + PPPOE_HEADERLEN), (long)(p - mtod(m0, uint8_t *))); 1751 #endif 1752 1753 /* Send packet. */ 1754 return pppoe_output(sc, m0); 1755 } 1756 1757 /* send a PADT packet */ 1758 static int 1759 pppoe_send_padt(struct ifnet *outgoing_if, u_int session, const uint8_t *dest) 1760 { 1761 struct ether_header *eh; 1762 struct sockaddr dst; 1763 struct mbuf *m0; 1764 uint8_t *p; 1765 1766 m0 = pppoe_get_mbuf(PPPOE_HEADERLEN); 1767 if (!m0) 1768 return EIO; 1769 p = mtod(m0, uint8_t *); 1770 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADT, session, 0); 1771 1772 memset(&dst, 0, sizeof dst); 1773 dst.sa_family = AF_UNSPEC; 1774 eh = (struct ether_header*)&dst.sa_data; 1775 eh->ether_type = htons(ETHERTYPE_PPPOEDISC); 1776 memcpy(&eh->ether_dhost, dest, ETHER_ADDR_LEN); 1777 1778 m0->m_flags &= ~(M_BCAST|M_MCAST); 1779 return if_output_lock(outgoing_if, outgoing_if, m0, &dst, NULL); 1780 } 1781 1782 #ifdef PPPOE_SERVER 1783 static int 1784 pppoe_send_pado(struct pppoe_softc *sc) 1785 { 1786 struct mbuf *m0; 1787 uint8_t *p; 1788 size_t len; 1789 1790 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1791 return EIO; 1792 1793 /* Include AC cookie. */ 1794 len = sizeof(struct pppoetag) + sizeof(sc->sc_id); 1795 /* Include hunique. */ 1796 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1797 1798 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1799 if (!m0) 1800 return EIO; 1801 p = mtod(m0, uint8_t *); 1802 1803 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADO, 0, len); 1804 PPPOE_ADD_16(p, PPPOE_TAG_ACCOOKIE); 1805 PPPOE_ADD_16(p, sizeof(sc->sc_id)); 1806 memcpy(p, &sc->sc_id, sizeof(sc->sc_id)); 1807 p += sizeof(sc->sc_id); 1808 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1809 PPPOE_ADD_16(p, sc->sc_hunique_len); 1810 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1811 return pppoe_output(sc, m0); 1812 } 1813 1814 static int 1815 pppoe_send_pads(struct pppoe_softc *sc) 1816 { 1817 struct bintime bt; 1818 struct mbuf *m0; 1819 uint8_t *p; 1820 size_t len, l1 = 0; /* XXX: gcc */ 1821 1822 KASSERT(PPPOE_WLOCKED(sc)); 1823 1824 if (sc->sc_state != PPPOE_STATE_PADO_SENT) 1825 return EIO; 1826 1827 getbinuptime(&bt); 1828 sc->sc_session = bt.sec % 0xff + 1; 1829 1830 /* Include service name. */ 1831 len = sizeof(struct pppoetag); 1832 if (sc->sc_service_name != NULL) { 1833 l1 = strlen(sc->sc_service_name); 1834 len += l1; 1835 } 1836 /* Include hunique. */ 1837 len += sizeof(struct pppoetag) + sc->sc_hunique_len; 1838 1839 m0 = pppoe_get_mbuf(len + PPPOE_HEADERLEN); 1840 if (!m0) 1841 return ENOBUFS; 1842 p = mtod(m0, uint8_t *); 1843 1844 PPPOE_ADD_HEADER(p, PPPOE_CODE_PADS, sc->sc_session, len); 1845 PPPOE_ADD_16(p, PPPOE_TAG_SNAME); 1846 if (sc->sc_service_name != NULL) { 1847 PPPOE_ADD_16(p, l1); 1848 memcpy(p, sc->sc_service_name, l1); 1849 p += l1; 1850 } else { 1851 PPPOE_ADD_16(p, 0); 1852 } 1853 PPPOE_ADD_16(p, PPPOE_TAG_HUNIQUE); 1854 PPPOE_ADD_16(p, sc->sc_hunique_len); 1855 memcpy(p, sc->sc_hunique, sc->sc_hunique_len); 1856 return pppoe_output(sc, m0); 1857 } 1858 #endif 1859 1860 static void 1861 pppoe_tls(struct sppp *sp) 1862 { 1863 struct pppoe_softc *sc = (void *)sp; 1864 int wtime; 1865 1866 PPPOE_LOCK(sc, RW_READER); 1867 1868 if (sc->sc_state != PPPOE_STATE_INITIAL) { 1869 PPPOE_UNLOCK(sc); 1870 return; 1871 } 1872 1873 if (sc->sc_sppp.pp_phase == SPPP_PHASE_ESTABLISH && 1874 sc->sc_sppp.pp_auth_failures > 0) { 1875 /* 1876 * Delay trying to reconnect a bit more - the peer 1877 * might have failed to contact its radius server. 1878 */ 1879 wtime = PPPOE_RECON_FAST * sc->sc_sppp.pp_auth_failures; 1880 if (wtime > PPPOE_SLOW_RETRY) 1881 wtime = PPPOE_SLOW_RETRY; 1882 } else { 1883 wtime = PPPOE_RECON_IMMEDIATE; 1884 } 1885 callout_schedule(&sc->sc_timeout, wtime); 1886 1887 PPPOE_UNLOCK(sc); 1888 } 1889 1890 static void 1891 pppoe_tlf(struct sppp *sp) 1892 { 1893 struct pppoe_softc *sc = (void *)sp; 1894 1895 PPPOE_LOCK(sc, RW_WRITER); 1896 1897 if (sc->sc_state < PPPOE_STATE_SESSION) { 1898 callout_stop(&sc->sc_timeout); 1899 sc->sc_state = PPPOE_STATE_INITIAL; 1900 sc->sc_padi_retried = 0; 1901 sc->sc_padr_retried = 0; 1902 memcpy(&sc->sc_dest, etherbroadcastaddr, 1903 sizeof(sc->sc_dest)); 1904 PPPOE_UNLOCK(sc); 1905 return; 1906 } 1907 1908 /* 1909 * Do not call pppoe_disconnect here, the upper layer state 1910 * machine gets confused by this. We must return from this 1911 * function and defer disconnecting to the timeout handler. 1912 */ 1913 sc->sc_state = PPPOE_STATE_CLOSING; 1914 1915 callout_schedule(&sc->sc_timeout, hz/50); 1916 1917 PPPOE_UNLOCK(sc); 1918 } 1919 1920 static void 1921 pppoe_start(struct ifnet *ifp) 1922 { 1923 struct pppoe_softc *sc = (void *)ifp; 1924 struct mbuf *m; 1925 uint8_t *p; 1926 size_t len; 1927 1928 if (sppp_isempty(ifp)) 1929 return; 1930 1931 /* are we ready to process data yet? */ 1932 PPPOE_LOCK(sc, RW_READER); 1933 if (sc->sc_state < PPPOE_STATE_SESSION) { 1934 sppp_flush(&sc->sc_sppp.pp_if); 1935 PPPOE_UNLOCK(sc); 1936 return; 1937 } 1938 1939 while ((m = sppp_dequeue(ifp)) != NULL) { 1940 len = m->m_pkthdr.len; 1941 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1942 if (m == NULL) { 1943 if_statinc(ifp, if_oerrors); 1944 continue; 1945 } 1946 p = mtod(m, uint8_t *); 1947 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1948 1949 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 1950 1951 pppoe_output(sc, m); 1952 } 1953 PPPOE_UNLOCK(sc); 1954 } 1955 1956 #ifdef PPPOE_MPSAFE 1957 static int 1958 pppoe_transmit(struct ifnet *ifp, struct mbuf *m) 1959 { 1960 struct pppoe_softc *sc = (void *)ifp; 1961 uint8_t *p; 1962 size_t len; 1963 1964 if (m == NULL) 1965 return EINVAL; 1966 1967 /* are we ready to process data yet? */ 1968 PPPOE_LOCK(sc, RW_READER); 1969 if (sc->sc_state < PPPOE_STATE_SESSION) { 1970 PPPOE_UNLOCK(sc); 1971 m_freem(m); 1972 return ENOBUFS; 1973 } 1974 1975 len = m->m_pkthdr.len; 1976 M_PREPEND(m, PPPOE_HEADERLEN, M_DONTWAIT); 1977 if (m == NULL) { 1978 PPPOE_UNLOCK(sc); 1979 if_statinc(ifp, if_oerrors); 1980 return ENETDOWN; 1981 } 1982 p = mtod(m, uint8_t *); 1983 PPPOE_ADD_HEADER(p, 0, sc->sc_session, len); 1984 1985 bpf_mtap(&sc->sc_sppp.pp_if, m, BPF_D_OUT); 1986 1987 pppoe_output(sc, m); 1988 PPPOE_UNLOCK(sc); 1989 return 0; 1990 } 1991 #endif /* PPPOE_MPSAFE */ 1992 1993 static void 1994 pppoe_ifattach_hook(void *arg, unsigned long cmd, void *arg2) 1995 { 1996 struct ifnet *ifp = arg2; 1997 struct pppoe_softc *sc; 1998 DECLARE_SPLNET_VARIABLE; 1999 2000 if (cmd != PFIL_IFNET_DETACH) 2001 return; 2002 2003 ACQUIRE_SPLNET(); 2004 rw_enter(&pppoe_softc_list_lock, RW_READER); 2005 LIST_FOREACH(sc, &pppoe_softc_list, sc_list) { 2006 PPPOE_LOCK(sc, RW_WRITER); 2007 if (sc->sc_eth_if != ifp) { 2008 PPPOE_UNLOCK(sc); 2009 continue; 2010 } 2011 if (sc->sc_sppp.pp_if.if_flags & IFF_UP) { 2012 sc->sc_sppp.pp_if.if_flags &= ~(IFF_UP|IFF_RUNNING); 2013 pppoe_printf(sc, 2014 "ethernet interface detached, going down\n"); 2015 } 2016 sc->sc_eth_if = NULL; 2017 pppoe_clear_softc(sc, "ethernet interface detached"); 2018 PPPOE_UNLOCK(sc); 2019 } 2020 rw_exit(&pppoe_softc_list_lock); 2021 RELEASE_SPLNET(); 2022 } 2023 2024 static void 2025 pppoe_clear_softc(struct pppoe_softc *sc, const char *message) 2026 { 2027 KASSERT(PPPOE_WLOCKED(sc)); 2028 2029 /* stop timer */ 2030 callout_stop(&sc->sc_timeout); 2031 pppoe_printf(sc, "session 0x%x terminated, %s\n", 2032 sc->sc_session, message); 2033 2034 /* fix our state */ 2035 sc->sc_state = PPPOE_STATE_INITIAL; 2036 2037 PPPOE_UNLOCK(sc); 2038 2039 /* signal upper layer */ 2040 sc->sc_sppp.pp_down(&sc->sc_sppp); 2041 2042 PPPOE_LOCK(sc, RW_WRITER); 2043 2044 /* clean up softc */ 2045 memcpy(&sc->sc_dest, etherbroadcastaddr, sizeof(sc->sc_dest)); 2046 if (sc->sc_ac_cookie) { 2047 free(sc->sc_ac_cookie, M_DEVBUF); 2048 sc->sc_ac_cookie = NULL; 2049 } 2050 if (sc->sc_relay_sid) { 2051 free(sc->sc_relay_sid, M_DEVBUF); 2052 sc->sc_relay_sid = NULL; 2053 } 2054 sc->sc_ac_cookie_len = 0; 2055 sc->sc_session = 0; 2056 } 2057 2058 static void 2059 pppoe_enqueue(struct ifqueue *inq, struct mbuf *m) 2060 { 2061 if (m->m_flags & M_PROMISC) { 2062 m_freem(m); 2063 return; 2064 } 2065 2066 #ifndef PPPOE_SERVER 2067 if (m->m_flags & (M_MCAST | M_BCAST)) { 2068 m_freem(m); 2069 return; 2070 } 2071 #endif 2072 2073 IFQ_LOCK(inq); 2074 if (IF_QFULL(inq)) { 2075 IF_DROP(inq); 2076 IFQ_UNLOCK(inq); 2077 m_freem(m); 2078 } else { 2079 IF_ENQUEUE(inq, m); 2080 IFQ_UNLOCK(inq); 2081 softint_schedule(pppoe_softintr); 2082 } 2083 return; 2084 } 2085 2086 void 2087 pppoe_input(struct ifnet *ifp, struct mbuf *m) 2088 { 2089 pppoe_enqueue(&ppoeinq, m); 2090 return; 2091 } 2092 2093 void 2094 pppoedisc_input(struct ifnet *ifp, struct mbuf *m) 2095 { 2096 pppoe_enqueue(&ppoediscinq, m); 2097 return; 2098 } 2099 2100 static void 2101 sysctl_net_pppoe_setup(struct sysctllog **clog) 2102 { 2103 const struct sysctlnode *node = NULL; 2104 2105 sysctl_createv(clog, 0, NULL, &node, 2106 CTLFLAG_PERMANENT, 2107 CTLTYPE_NODE, "pppoe", 2108 SYSCTL_DESCR("PPPOE protocol"), 2109 NULL, 0, NULL, 0, 2110 CTL_NET, CTL_CREATE, CTL_EOL); 2111 2112 if (node == NULL) 2113 return; 2114 2115 sysctl_createv(clog, 0, &node, NULL, 2116 CTLFLAG_PERMANENT | CTLFLAG_READWRITE, 2117 CTLTYPE_BOOL, "term_unknown", 2118 SYSCTL_DESCR("Terminate unknown sessions"), 2119 NULL, 0, &pppoe_term_unknown, sizeof(pppoe_term_unknown), 2120 CTL_CREATE, CTL_EOL); 2121 } 2122 2123 /* 2124 * Module infrastructure 2125 */ 2126 #include "if_module.h" 2127 2128 IF_MODULE(MODULE_CLASS_DRIVER, pppoe, "sppp_subr") 2129